Cetus Protocol posted a $5 million reward on Could 23 for info that identifies and results in the arrest of the attacker who extracted $223 million from its decentralized alternate on the Sui community.
Introduced on Could 23, the provide is coordinated with cybersecurity agency Inca Digital and can be funded by the Sui Basis if the tip proves decisive.
Informants should electronic mail the perpetrator’s title, location, and supporting proof with the topic “Cetus lead.” The DEX added that it will withdraw any civil motion and cancel the bounty ought to the exploiter return the belongings and settle for the sooner settlement proposal.
Notably, the provide comes amid centralization issues concerning Sui following the freezing of $162 million by a lot of its 114 validators.
Whitehat provide units the stage
Hours earlier than the general public bounty, Cetus used an on-chain transaction to ship a separate proposal to the attacker on Sui and Ethereum (ETH) blockchains.
That word provided a $6 million retention price, equal to 2,324 ETH, in alternate for the return of 20,920 ETH and all frozen quantities on Sui.
The staff mentioned it had mapped the exploiter’s Ethereum wallets and was coordinating with US federal authorities, FinCEN, the Seychelles Police Drive, chosen defense-sector companions, main exchanges, and bridge operators.
The ultimatum warned that any try to launder funds would set off a worldwide law-enforcement escalation.
Per the protocol’s Could 22 incident disclosure on X, the attacker focused a flaw in Cetus’ pricing mechanism, prompting a direct pause of all smart-contract exercise. The undertaking’s blockchain knowledge reveals that the exploit yielded $223 million in tokens.
Of that sum, $61 million was moved to Ethereum through bridges, whereas the remaining $162 million was frozen by Sui community validators.
Cetus has not revealed when regular buying and selling will resume or whether or not the staff will implement code modifications earlier than reactivating the contracts.
Validator motion sparks decentralization debate
Based on its block explorer, Sui hosts 114 lively validators. On Could 22, Sui acknowledged {that a} broad plurality agreed to reject any transaction originating from the attacker’s wallets shortly after the breach.
The collective freeze prevented the remaining $162 million switch and locked the tokens on-chain.
Gautham Santhosh, co-founder of Polynomialfi, wrote on X that the crypto group is now weighing the advantage of speedy asset safety in opposition to the implication that validators can droop particular accounts at will.
Though he highlighted that the method demanded consensus and was not arbitrary, the episode has modified the safety assumptions concerning layer-1 blockchains.
